Mailinglist Archive: opensuse (3166 mails)
| < Previous | Next > |
Re: [SLE] My LAN user can not surfing in internet before I restart my SuSEfirewall2
- From: Jerry A! <jerry@xxxxxxxxxxx>
- Date: Fri, 28 Feb 2003 21:25:08 -0500
- Message-id: <20030301022508.GA13117@xxxxxxxxxxxxxxxxx>
On Sat, Mar 01, 2003 at 09:52:18AM +0800, Joe Morris (NTM) wrote:
: On 02/28/2003 09:33 PM, Prabu Subroto wrote:
:
: >No, only one NIC. The NIC is facing the internal LAN
: >and another interface is only ISDN card.
: >
: >What is my mistake? Please tell me. I'm stucked now...
: >
: >
: You have your firewall setup (etc/sysconfig/SuSEfirewall2) set yes for
: running a DNS server on your box. Are you running a dns server? If
: not, set this to no. If yes, then maybe it is your DNS server that is
: crashing, or perhaps it is a caching server, and your ISPs name servers
: are having problems. HTH.
I believe that the problem may be that SuSEfirewall2 by default will
first be brought up at rc2. This presents a chicken-egg problem since
named isn't started until rc3. Thus, when SuSEfirewall2 is initially
started, named isn't running, and the appropriate rules for
FW_SERVICE_DNS aren't activated.
The only solution I've found for this is to restart SuSEfirewall2 after
the box is up.
I believe that this was discussed a few months back on the list, but I
don't recall there ever being an "official" resolution to the issue.
--Jerry
Open-Source software isn't a matter of life or death...
...It's much more important than that!
: On 02/28/2003 09:33 PM, Prabu Subroto wrote:
:
: >No, only one NIC. The NIC is facing the internal LAN
: >and another interface is only ISDN card.
: >
: >What is my mistake? Please tell me. I'm stucked now...
: >
: >
: You have your firewall setup (etc/sysconfig/SuSEfirewall2) set yes for
: running a DNS server on your box. Are you running a dns server? If
: not, set this to no. If yes, then maybe it is your DNS server that is
: crashing, or perhaps it is a caching server, and your ISPs name servers
: are having problems. HTH.
I believe that the problem may be that SuSEfirewall2 by default will
first be brought up at rc2. This presents a chicken-egg problem since
named isn't started until rc3. Thus, when SuSEfirewall2 is initially
started, named isn't running, and the appropriate rules for
FW_SERVICE_DNS aren't activated.
The only solution I've found for this is to restart SuSEfirewall2 after
the box is up.
I believe that this was discussed a few months back on the list, but I
don't recall there ever being an "official" resolution to the issue.
--Jerry
Open-Source software isn't a matter of life or death...
...It's much more important than that!
| < Previous | Next > |